Symantec inadvertently warned enterprise customers of a full-scale internet meltdown on Friday.

An erroneous alert from Symantec's DeepSight falsely warned that a devastating attack was underway. The message, which went out at 8:40pm Eastern time, contained a subject line that stated: "DeepSight Increased ThreatCon from 1 to 4 Alert."

The ThreatCon scale - whose moniker mimics the defense readiness condition (DEFCON (http://en.wikipedia.org/wiki/Defcon)) system used by the military - runs from one (all calm on the Western Front) to four (meltdown).

The mark is decided by Symantec based on the patterns of attacks it monitors. Symantec has never issued a genuine ThreatCon 4 alert and has only rarely ramped up the scale to ThreatCon 3. The last time Symantec issued a ThreatCon 3 alert was in May 2004, during the height of the Sasser worm epidemic (http://www.theregister.co.uk/2004/05/04/sasser_worm).

Symantec recalled the long range bombers moved back down to ThreatCon 1 and hour after issuing its Chicken Little-style alert on Friday. The security giant blamed the erroneous alert on "product testing", Computerworld reports (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9038358&source=rss_news10).

Symantec's European centre of operations, one of four tracking stations it runs across the world, is housed (http://www.theregister.co.uk/2005/03/24/symantec_bunker_feature/) in a former nuclear shelter in rural Hampshire. Perhaps all that time underground monitoring threats affected one of Symantec's security watchers.

Perhaps some stir-crazy watcher, worried about hackers polluting our precious internet traffic, had a Brigadier General Jack D Ripper-style moment (http://www.imdb.com/title/tt0057012/) and ratcheted up the threat scale. ®

Related stories

• Symantec pushes Backup Exec with Altiris (17 October 2007)

  http://www.theregister.co.uk/2007/10/17/symantec_integrates_backup_exec_with_altiris/

• AVG cries wolf at Adobe Reader (31 August 2007)

  http://www.theregister.co.uk/2007/08/31/avg_adobe_false_update/

• Security firm erects threat-level aggregator (2 January 2007)

  http://www.theregister.co.uk/2007/01/02/threat_level_aggregator/

• Symantec false alert floors Macs (10 May 2005)

  http://www.theregister.co.uk/2005/05/10/symantec_mac_false_alarm/

• 'Doomsday nerds' defend cyberspace (24 March 2005)

  http://www.theregister.co.uk/2005/03/24/symantec_bunker_feature/

• McAfee AV ate my application (7 September 2004)

  http://www.theregister.co.uk/2004/09/07/mcafee_false_alarm/

• Sasser worm creates havoc (4 May 2004)

  http://www.theregister.co.uk/2004/05/04/sasser_worm/